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WHAT IS CLAIMED IS: 

^ ^^'^>-!rA 1 . A method for providing access to users based on i^er profiles 
and-^^ing a web-based system that includes a server system coupled to a centralized 
interactive database and at least one client system, said method cojnprising the steps 
of: 

creating an electronic profile for a user within a o^ntralized database; 

creating an electronic profile for data within thexentralized database; 

establishing pre-determined rules and methodology for user access; 

making a decision with reference to the user access after completing an 
evaluation based on the electronic profiles, pre-detpmined rales, and operating 
methodology in response to a request from the user for access. 

2. A method according to Claim 1 wherein said step of creating an 
electronic profile for a user further comprises th/step of creating an electronic profile 
based on information available from at least jme an OHR Application and an RFCA 
Application. 

3. A method according to Claim 1 wherein said step of creating an 
electronic profile for data further comjmses the step of creating data profiles based on 
at least one of Data Elements, Data ^ags. Rules of Access, an Approver's Name for 
Each Rule of Access, Rules of Exclusion, an Exception List, and Field Tags. 

4. A methc<a according to Claim 3 wherein said step of 
establishing pre-determined pules and methodology for user access further comprises 
the steps of: 

establishipl^ pre-determined rules in the centralized database based on 
at least one of Rule Ba/ed Access guidelines. Group Based Access guidelines. Search 
& Subscribe Utilities guidelines. Active Positioning Monitoring guidelines. Hard 
Exclusion Rules guidelines, and Access Audits guidelines; and 

establishing methodology to ensure timely and accurate decision 
making based on^riteria established by the management. 
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5. A method for managing user profile information, inch/ding 
managing access control to applications and data by implementing a level of/ecurity 
across the different applications that is the same for each application, usicfg a web- 
based system that includes a server system coupled to a centralized/ interactive 
database and at least one client system, said method comprising the steps: of: 

providing capabilities for a user to request access to information that 
the user currently does not have access to; 

tracking a status of the request; 

obtaining a decision from an owner of the data requested; 
implementing the decision; and 

notifying the user of the decision within a pre^determined time frame. 

6. A method according to Claim 5 wherein said step of obtaining a 
decision further comprises the step of obtaining at least one of an approval decision 
and a disapproval decision. 

7. A method according tor Claim 5 wherein said step of 
implementing the decision further includes tlfe steps of reviewing and auditing the 
user access. 

8. A method according to Claim 5 wherein said step of 
implementing the decision further includes the step of creating a consistent security 
model that includes centralized adraflnistration of security of the system and uses 
single user profile and privilege for/accessing different applications. 

9. A metho(a according to Claim 5 wherein said method further 
comprises the steps of: 

creating usec^rofiles; 

providing 2K:cess control to data associated with user profiles; 
defining/permissions based on a user identifier associated with user 

profiles; and 

developing a specification for user interfaces. 
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10. A method according to Clfdm 5 further comprising the st^ of 
providing administration of a common security model for access control and*^ event 
notification. 



11. A method according to Claim 5 further comprising the step of 
updating profiles automatically on at least one of a pre-deteniiined tim^ interval and 
a change in organization hierarchy. 

12. A method according to Claim 5 further cgAiprises the step of 
updating profiles automatically when a user transfers department 

13. A method according to Claim 5 furthef comprising the step of 
generating access list reports that identify accessible an^ non-accessible data and 
restrictions for access. 

14. A method according to Claim 5 Airther comprising the step of 
retrieving information from the centralized database yln response to a specific inquiry 
from an administrator. 

15. A method according to Cl4im 5 wherein the client system and 
the server system are connected via a networjc and wherein the network is one of a 
wide area network, a local area network, an iiitranet and the Internet. 

16. A database configured to be protected from access by 
unauthorized individuals by managing i/ser and data profiles by an administrator, said 
database providing access to users b^ed on pre-determined rules and criteria further 
comprising: 

data corresponding to at least one of Rule Based Access guidelines. 
Group Based Access guidelipfes, Search & Subscribe Utilities guidelines. Active 
Positioning Monitoring gui/elines. Hard Exclusion Rules guidelines, and Access 
Audits guidelines; 

data corresponding to applications that cross-references the 
applications data against unique identifiers; 
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data corresponding to users that cross-references the users data^dgainst 
unique identifiers; and 

data corresponding to various methodologies that facilitate^ accurate 
decision making. 

17. A web-based system for managing user proxies including 
access control to applications and data by implementing level of security across the 
different applications that is the same for each application, said system comprising: 

a client system comprising a browser; 
a data storage device for storing information; 
a server system configured to be coupled to said client system and said 
database, said server system further configured to: / 

manage registration process by creating user profiles and data 

profiles; / 
manage Authorization Process bymanaging Default Access 

Process and Evaluation Process; 
manage Maintenance Processyby managing Exception Access 
Process and Access yProcess within the Data Storage 
Device. 

18. A system according to yClaim 17 wherein said data storage 
device further configured to: 

store information in various sub-sections of the centralized database; 

cross-reference informatio^ against an unique identifier for easy 
retrieval and update; and 

retrieve information fro(n the centralized database in response to an 
inquiry to provide requested information to the user. 

19. A system aje^cording to Claim 17 wherein said client system is 
further configured with: 

a displaying component; and 

a sending component to send an inquiry to the server system such that 
the server system can process and download the requested information to the client 
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system, wherein said sending component functions in response to at least ^pne of a 
click of a mouse button and a voice command. 

20. A system according to Claim 19 wherein saicL/ystem is further 
configured to be protected from access by unauthorized indj.\4duals and further 
configured with: 

a collection component for collecting infonriation from users into the 
centralized database; 

a tracking component for tracking information on an on-going basis; 

a displaying component for displaying various user interfaces; 

/ 

a receiving component for receiving an inquiry from the client system 
regarding at least one of a user interface; and 

an accessing component for accessing the centralized database and 
causing the retrieved information to'be displayed on the client system. 
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